Joined: 12 May 2004
|Posted: Sat Jun 14, 2014 9:26 am Post subject: [ GLSA 201406-11 ] libXfont: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: libXfont: Multiple vulnerabilities (GLSA 201406-11)
Exploitable: local, remote
Date: June 14, 2014
Multiple vulnerabilities have been found in libXfont, the worst of
which allow for local privilege escalation.
libXfont is an X11 font rasterisation library.
Vulnerable: < 1.4.8
Unaffected: >= 1.4.8
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in libXfont. Please review
the CVE identifiers referenced below for details.
A context-dependent attacker could use a specially crafted file to gain
privileges, cause a Denial of Service condition or possibly execute
arbitrary code with the privileges of the process.
There is no known workaround at this time.
All libXfont users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.4.8"